From 4abf2ad9b8fcd61c0147e8a9d170f10b4f2d9943 Mon Sep 17 00:00:00 2001
From: Markus Friedl <markus@cvs.openbsd.org>
Date: Thu, 27 Dec 2001 19:37:24 +0000
Subject: always use BN_clear_free instead of BN_free

---
 usr.bin/ssh/dh.c     | 16 ++++++++--------
 usr.bin/ssh/kexdh.c  |  6 +++---
 usr.bin/ssh/kexgex.c |  6 +++---
 3 files changed, 14 insertions(+), 14 deletions(-)

(limited to 'usr.bin')

diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index a5d6f379c6b..3e1594eae79 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.18 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: dh.c,v 1.19 2001/12/27 19:37:22 markus Exp $");
 
 #include "xmalloc.h"
 
@@ -94,8 +94,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
 	return (1);
 
  failclean:
-	BN_free(dhg->g);
-	BN_free(dhg->p);
+	BN_clear_free(dhg->g);
+	BN_clear_free(dhg->p);
  fail:
 	error("Bad prime description in line %d", linenum);
 	return (0);
@@ -122,8 +122,8 @@ choose_dh(int min, int wantbits, int max)
 		linenum++;
 		if (!parse_prime(linenum, line, &dhg))
 			continue;
-		BN_free(dhg.g);
-		BN_free(dhg.p);
+		BN_clear_free(dhg.g);
+		BN_clear_free(dhg.p);
 
 		if (dhg.size > max || dhg.size < min)
 			continue;
@@ -152,8 +152,8 @@ choose_dh(int min, int wantbits, int max)
 		if ((dhg.size > max || dhg.size < min) ||
 		    dhg.size != best ||
 		    linenum++ != which) {
-			BN_free(dhg.g);
-			BN_free(dhg.p);
+			BN_clear_free(dhg.g);
+			BN_clear_free(dhg.p);
 			continue;
 		}
 		break;
@@ -203,7 +203,7 @@ dh_gen_key(DH *dh, int need)
 		    BN_num_bits(dh->p), 2*need);
 	do {
 		if (dh->priv_key != NULL)
-			BN_free(dh->priv_key);
+			BN_clear_free(dh->priv_key);
 		if ((dh->priv_key = BN_new()) == NULL)
 			fatal("dh_gen_key: BN_new failed");
 		/* generate a 2*need bits random private exponent */
diff --git a/usr.bin/ssh/kexdh.c b/usr.bin/ssh/kexdh.c
index 1e9f35835f9..059b41c4157 100644
--- a/usr.bin/ssh/kexdh.c
+++ b/usr.bin/ssh/kexdh.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexdh.c,v 1.8 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: kexdh.c,v 1.9 2001/12/27 19:37:22 markus Exp $");
 
 #include <openssl/crypto.h>
 #include <openssl/bn.h>
@@ -171,7 +171,7 @@ kexdh_client(Kex *kex)
 	    shared_secret
 	);
 	xfree(server_host_key_blob);
-	BN_free(dh_server_pub);
+	BN_clear_free(dh_server_pub);
 	DH_free(dh);
 
 	if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
@@ -262,7 +262,7 @@ kexdh_server(Kex *kex)
 	    dh->pub_key,
 	    shared_secret
 	);
-	BN_free(dh_client_pub);
+	BN_clear_free(dh_client_pub);
 
 	/* save session id := H */
 	/* XXX hashlen depends on KEX */
diff --git a/usr.bin/ssh/kexgex.c b/usr.bin/ssh/kexgex.c
index b4fdac6955f..8822c8dcd73 100644
--- a/usr.bin/ssh/kexgex.c
+++ b/usr.bin/ssh/kexgex.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: kexgex.c,v 1.11 2001/12/27 18:22:16 markus Exp $");
+RCSID("$OpenBSD: kexgex.c,v 1.12 2001/12/27 19:37:23 markus Exp $");
 
 #include <openssl/bn.h>
 
@@ -232,7 +232,7 @@ kexgex_client(Kex *kex)
 	/* have keys, free DH */
 	DH_free(dh);
 	xfree(server_host_key_blob);
-	BN_free(dh_server_pub);
+	BN_clear_free(dh_server_pub);
 
 	if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
 		fatal("key_verify failed for server_host_key");
@@ -365,7 +365,7 @@ kexgex_server(Kex *kex)
 	    dh->pub_key,
 	    shared_secret
 	);
-	BN_free(dh_client_pub);
+	BN_clear_free(dh_client_pub);
 
 	/* save session id := H */
 	/* XXX hashlen depends on KEX */
-- 
cgit v1.2.3